Search Results

Search found 8766 results on 351 pages for 'integrated authentication'.

Page 33/351 | < Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >

• "Integrated" VMs (As opposed to "Sandboxed")

  - by sabof

  It is common for virtual machines to be sandboxes, their interaction with the host OS being limited to the absolutely necessary. Are there any projects that would try to integrate VMs (specifically Virtual Box) with their host OS (specifically Ubuntu on Windows host, but I'd be curious of other combinations as well)? Things like opening all files with a certain extension in either the host or the guest. Possibly other nice things I haven't thought of.

  Read the article

• AD-Integrated DNS failure: "Access was Denied"

  - by goldPseudo

  I have a single Windows 2008 R2 server configured as a domain controller with Active Directory Domain Services and DNS Server. The DNS Server was recently uninstalled and reinstalled in an attempt to fix a (possibly unrelated) problem; the event log was previously flooded with errors (#4000, "The DNS Server was unable to open Active Directory...") which reinstalling did not fix. However, while before it was at least showing and resolving names from the local network (slowly), now it's showing nothing at all. (The original error started with a #4015 error "The DNS server has encountered a critical error from the Active Directory," followed by a long string of #4000 and a few #4004. This may have been caused when a new DNS name was recently added, but I can't be sure of the timing.) Attempting to manage the DNS through Administrative Tools > DNS brings up an error: The server SERVERNAME could not be contacted. The error was: Access was denied. Would you like to add it anyway? Selecting yes just puts a SERVERNAME item on the list, but with all the configuration options grayed out. I attempted editing my hosts file as per this post but to no avail. Running dcdiag, it does identify the home server properly, but fails right away testing connectivity with: Starting test: Connectivity The host blahblahblahyaddayaddayadda could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... SERVERNAME failed test Connectivity Adding the blahblahblahyaddayaddayadda address to hosts (pointing at 127.0.0.1), the connectivity test succeeded but it didn't seem to solve the fundamental problem (Access was denied) so I hashed it out again. Primary DNS server is properly pointing at 127.0.0.1 according to ipconfig /all. And the DNS server is forwarding requests to external addresses properly (if slowly), but the resolving of local network names is borked. The DNS database itself is small enough that I am (grudgingly) able to rebuild it if need be, but the DNS Server doesn't seem willing to let me work with (or around) it at all. (and yes before you ask there are no system backups available) Where do I go from here? As requested, my (slightly obfuscated) dcdiag output: Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = bulgogi * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Obfuscated\BULGOGI Starting test: Connectivity The host a-whole-lot-of-numbers._msdcs.obfuscated.address could not be resolved to an IP address. Check the DNS server, DHCP, server name, etc. Got error while checking LDAP and RPC connectivity. Please check your firewall settings. ......................... BULGOGI failed test Connectivity Doing primary tests Testing server: Obfuscated\BULGOGI Skipping all tests, because server BULGOGI is not responding to directory service requests. Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom ......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom ......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation ......................... DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom ......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom ......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation ......................... Configuration passed test CrossRefValidation Running partition tests on : obfuscated Starting test: CheckSDRefDom ......................... obfuscated passed test CheckSDRefDom Starting test: CrossRefValidation ......................... obfuscated passed test CrossRefValidation Running enterprise tests on : obfuscated.address Starting test: LocatorCheck ......................... obfuscated.address passed test LocatorCheck Starting test: Intersite ......................... obfuscated.address passed test Intersite And my hosts file (minus the hashed lines for brevity): 127.0.0.1 localhost ::1 localhost And, for the sake of completion, here's selected chunks of my netstat -a -n output: TCP 0.0.0.0:88 0.0.0.0:0 LISTENING TCP 0.0.0.0:135 0.0.0.0:0 LISTENING TCP 0.0.0.0:389 0.0.0.0:0 LISTENING TCP 0.0.0.0:445 0.0.0.0:0 LISTENING TCP 0.0.0.0:464 0.0.0.0:0 LISTENING TCP 0.0.0.0:593 0.0.0.0:0 LISTENING TCP 0.0.0.0:636 0.0.0.0:0 LISTENING TCP 0.0.0.0:3268 0.0.0.0:0 LISTENING TCP 0.0.0.0:3269 0.0.0.0:0 LISTENING TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP 0.0.0.0:9389 0.0.0.0:0 LISTENING TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING TCP 0.0.0.0:49157 0.0.0.0:0 LISTENING TCP 0.0.0.0:49158 0.0.0.0:0 LISTENING TCP 0.0.0.0:49164 0.0.0.0:0 LISTENING TCP 0.0.0.0:49178 0.0.0.0:0 LISTENING TCP 0.0.0.0:49179 0.0.0.0:0 LISTENING TCP 0.0.0.0:50480 0.0.0.0:0 LISTENING TCP 127.0.0.1:53 0.0.0.0:0 LISTENING TCP 192.168.12.127:53 0.0.0.0:0 LISTENING TCP 192.168.12.127:139 0.0.0.0:0 LISTENING TCP 192.168.12.127:445 192.168.12.50:51118 ESTABLISHED TCP 192.168.12.127:3389 192.168.12.4:33579 ESTABLISHED TCP 192.168.12.127:3389 192.168.12.100:1115 ESTABLISHED TCP 192.168.12.127:50784 192.168.12.50:49174 ESTABLISHED <snip ipv6> UDP 0.0.0.0:123 *:* UDP 0.0.0.0:500 *:* UDP 0.0.0.0:1645 *:* UDP 0.0.0.0:1645 *:* UDP 0.0.0.0:1646 *:* UDP 0.0.0.0:1646 *:* UDP 0.0.0.0:1812 *:* UDP 0.0.0.0:1812 *:* UDP 0.0.0.0:1813 *:* UDP 0.0.0.0:1813 *:* UDP 0.0.0.0:4500 *:* UDP 0.0.0.0:5355 *:* UDP 0.0.0.0:59638 *:* <snip a few thousand lines> UDP 0.0.0.0:62140 *:* UDP 127.0.0.1:53 *:* UDP 127.0.0.1:49540 *:* UDP 127.0.0.1:49541 *:* UDP 127.0.0.1:53655 *:* UDP 127.0.0.1:54946 *:* UDP 127.0.0.1:58345 *:* UDP 127.0.0.1:63352 *:* UDP 127.0.0.1:63728 *:* UDP 127.0.0.1:63729 *:* UDP 127.0.0.1:64215 *:* UDP 127.0.0.1:64646 *:* UDP 192.168.12.127:53 *:* UDP 192.168.12.127:67 *:* UDP 192.168.12.127:68 *:* UDP 192.168.12.127:88 *:* UDP 192.168.12.127:137 *:* UDP 192.168.12.127:138 *:* UDP 192.168.12.127:389 *:* UDP 192.168.12.127:464 *:* UDP 192.168.12.127:2535 *:* <snip ipv6 again>

  Read the article

• Apache Reverse proxy for intranet and other integrated application on intranet

  - by user1433448

  I'm trying to configure a reverse proxy (ssl) with apache 2.2 in Debian Squeeze, but I have some problems, specially with some path absolute and with https I'll try to detail what I have made and what I'm trying to configure I have a server Debian Squeeze with apache2.2 + mod_proxy_html with: # apt-get install libapache2-mod-proxy-html libxml2-dev # a2enmod proxy # a2enmod proxy_http # a2enmod proxy_html # a2enmod headers After that I have configured a virtual host with: reverse_proxy_ssl.conf I'm trying to configure to allow access of our intranet from internet with a reverse proxy (apache that is located in DMZ). With this configuration domain.com/intranet works correctly and we can access to intranet, but we have one problem when from domain.com/intranet we need to use another internal application that is called from intranet with absolute path ( https://192.168.10.25/application/) and from internet appears that try to access with internal ip, and this link es incorrect from external site We only need to access from intranet to multiple internal application that are in external server and we like to restrict to minimal access from internet. All the application that are in the smae server of intranet are working. The second problem is with https and reverse proxy in our firewall appears some errors with packets (not valid packets), and with https seems to work. What can I do to solve this problems (absolute path and ssl problem) Thanks

  Read the article

• Integrated Help - Merged Help Indexes

  - by Rob Sanders

  If anyone has had more than a couple of Microsoft tools or products installed (or a local install of the MSDN library) side by side, you might have noticed that opening help (hitting F1) or opening, say, SQL Server Books Online causes the help indexes to be re-indexed - this is usually after installing a new product or tool. This can be a really, really time consuming exercise! Does anyone know a way to prevent or opt out of having combined help indexes? At best, even just preventing the reindexing at all?

  Read the article

• IM and File Transfers Integrated With VoIP

  - by Ehtyar

  I have an Asterisk box serving an office of people. I'd like to provide instant messaging and file sharing capabilities alongside the voice and video capabilities provided by Asterisk (ala Windows Live Messenger, Skype etc). Asterisk does not seem to offer IM outside the context of a SIP call, nor am I aware that it provides file transferring capabilities whatsoever. The clients will be using Jitsi, so there are many protocols to choose from, but I'd like to provide as much integration as possible between the VoIP and IM/file transfer (ideally a single account that facilitates voice/video and IM/file transfer). Is this possible, and if not, what would be the most appropriate alternative? Thank you.

  Read the article

• Latest XP Drivers for Intel Integrated Graphics

  - by John

  On the Intel site I'm struggling to find what the latest driver version is for certain chipsets. From a system info tool I have several PCs (laptops) with the following reported graphics: Mobile Intel(R) 4 Series Express Chipset Family Intel(R) Q35 Express Chipset Family Intel(R) Q45/Q43 Express Chipset All use the same driver igxprd32.dll at version 6.14.0010.4xxx (last 3 digits vary). All PCs are XP 32 bit. I am not certain but I think these are all using the same basic chipset. More than likely the drivers were never updated so I wondered what version might be relevant. Any help on tracking down the latest driver version (I just need the number, so I can see how out of date they are) and figuring out which chips these cards are would be great.

  Read the article

• Removing integrated video card drivers broke other hardware?

  - by jsnlxndrlv

  I just purchased and installed an XFX ATI Radeon HD 4650 video card. The installation instructions said to remove the old video card drivers before installing the new driver. I did both things, but now every time I start my computer, the Found New Hardware wizard pops up for the following three devices: PCI Device SM Bus Controller Other PCI Bridge Device Furthermore, my LAN port no longer functions. The cable's connected, and the light on the port comes on, but the computer can't find any servers when I attempt to connect with it. The modem and router are working, and obviously I'm able to use the other computer here to post this. What do I do to fix this?

  Read the article

• Error getting PAM / Linux integrated with Active Directory

  - by topper

  I'm trying to add a Linux server to a network which is controlled by AD. The aim is that users of the server will be able to authenticate against the AD domain. I have Kerberos working, but NSS / PAM are more problematic. I'm trying to debug with a simple command such as the following, please see the error. Can anyone assist me to debug? root@antonyg04:~# ldapsearch -H ldap://raadc04.corp.MUNGED.com/ -x -D "cn=MUNGED,ou=Users,dc=corp,dc=MUNGED,dc=com" -W uid=MUNGED Enter LDAP Password: ldap_bind: Invalid credentials (49) additional info: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece I have had to munge some details, but I can tell you that cn=MUNGED is my username for logging into the AD domain, and the password that I typed was the password for said domain. I don't know why it says "Invalid credentials", and the rest of the error is so cryptic, I have no idea. Is my approach somehow flawed? Is my DN obviously wrong? How can I confirm the correct DN? There was a tool online but I can't find it. NB I have no access to the AD Server for administration or configuration.

  Read the article

• All Webcams (integrated or otherwise) have stopped working

  - by cgoddard

  Recently, like in the last few months (incidentally, I didn't notice it at first, but I think it might have coincided with the installation of libusb) all webcams have stopped working on my laptop. But, its not a driver error or anything like that, the webcam claims it is working, but when I try to use it in skype, it tells me that it thinks another program is using my webcam. However, I have tried going through every program and closing it until system crash, but it never becomes available. But the light on the side of the inbuilt webcam doesn't come on. And when I added a second webcam, it became available to the system, installed fine, return error 0 on the devices manager, and when I tried to use it, claimed it was in use. How can I find out what might have gone wrong to be causing the system to think that the webcams are constantly in use?

  Read the article

• How would I access the Windows Login (Authentication) API from a C++ Service Application?

  - by Gabriel

  Let us imagine for a moment that I have a piece of hardware that can act as an authentication for a user on a given system. I want to write an application in C++ to run as a service, look for this device and if found log the appropriate user in. I believe I have found the API's I would need to use to perform the hardware and service portions of the application but am having a hard time nailing down a way to create a "real" user login. Is this possible? If so where would I look to find resources on accomplishing this? I think of it as being an analog to fingerprint scanner login type devices.

  Read the article

• How do I make an HTTP Post with HTTP Basic Authentication, using POCO?

  - by Alyoshak

  I'm trying to make an HTTP Post with HTTP Basic Authentication (cleartext username and password), using POCO. I found an example of a Get and have tried to modify it, but being a rookie I think I've mangled it beyond usefulness. Anyone know how to do this? Yes, I've already seen the other SO question on this: POCO C++ - NET SSL - how to POST HTTPS request, but I can't make sense of how it is trying to implement the username and password part. I also don't understand the use of "x-www-form-urlencoded". Is this required for a Post? I don't have a form. Just want to POST to the server with username and password parameters.

  Read the article

• Reason to use more cookies than just a session hash for authentication?

  - by dierre

  I usually hang out in a community using vBulletin as its bulletin board. I was looking at what this software saves as cookie in my browser. As you can see it saves 6 cookies. Amongst them, what I consider to be important for authentification are: ngivbsessionhash: hash of the current session ngivbpassword: hash of the password ngivbuserid: user's id Those are my assumptions of course. I don't know for sure if ngilastactivity and ngilastvisit are used for the same reason. My question is: why use all these cookie for authentication? My guess would be that maybe generating a session hash would be to easy so using the hashedpassword and userid adds security but what about cookie spoofing? I'm basically leaving on the client all fundamental informations. What do you think?

  Read the article

• I'm trying to implement 2 factor authentication on the cheap. How would I do that?

  - by Biff MaGriff

  Ok so I need 2 of the 3. Something the user knows. Something the user has. Something the user is. I have a system that is exposed to the internet and we need clients to connect in a secure manner to satisfy our security standards. I'm thinking when a user registers to use our system we send them an application that they install on their home system. The application generates a key based on a timed randomness algorithm. Our application server has the same algorithm so when the user submits their credentials with the key we know that they are a legitimate user. Is this a valid method of 2 factor authentication? What is another way of doing this? Are there any pitfalls that I should be aware of? Thanks for your help!

  Read the article

• Authentication Sceme for RESTful API used by desktop app.

  - by user346087

  I'm providing a RESTful API. This API is used by a third party desktop application. The API is currently secured using Basic Authentication. That isn't very secure because the credentials have to be stored in the client application. The communication between the desktop and API can also easily be intercepter. The desktop application also communicates with a third party server (run by the publisher of the desktop application) I am unable to figure out how the secure the API in a good way. Ideas?

  Read the article

• Can't authenticate with different NTLM credentials in one session with java.net.URLConnection

  - by ndn

  When I access a HTTP server using the standard Java API (java.net.URLConnection), the credentials are "cached" after the first successful authentication, and subsequent calls to Authenticator.setDefault() have no effect. So, I need to restart the application in order to use different credentials. I don't observe this effect when Basic Authentication is used. But I need to use NTLM for the server I'm accessing, and the Jakarta Commons HttpClient isn't an alternative either because it doesn't support NTLMv2 (see http://oaklandsoftware.com/papers/ntlm.html) Looking at the packets using Wireshark, I also observe that before the first successful authentication, an authentication with the current Windows credentials is attempted first. But after succesful authentication, only the saved credentials are used. Is there any way to reset or change the credentials java.net.Authenticator is using after a successful NTLM authentication?

  Read the article

• How to accomplish "AuthType None" in Apache 2.2

  - by Technorati

  http://httpd.apache.org/docs/trunk/mod/mod_authn_core.html#authtype talks about "AuthType None", and has an awesome example of exactly what I need to do - unfortunately, it appears to be new to 2.3/2.4. Is there any equivalent feature in 2.2? The authentication type None disables authentication. When authentication is enabled, it is normally inherited by each subsequent configuration section, unless a different authentication type is specified. If no authentication is desired for a subsection of an authenticated section, the authentication type None may be used; in the following example, clients may access the /www/docs/public directory without authenticating: <Directory /www/docs> AuthType Basic AuthName Documents AuthBasicProvider file AuthUserFile /usr/local/apache/passwd/passwords Require valid-user </Directory> <Directory /www/docs/public> AuthType None Require all granted </Directory>

  Read the article

• Couldn't upload files to Sharepoint site while passing through Squid Proxy

  - by Ecio

  Hi all, we have this issue: one of our employees is collaborating with a supplier and he needs to upload documents on a Sharepoint site hosted on the supplier's main site. In our environment we use Squid Proxy to allow people navigate on the net (we have NTLM authentication and users transparently authenticate while using IE and FF). It seems that this specific Sharepoint site is using Integrated Windows Authentication only, and according to some research on the net it seems that this can have troubles with proxies. More specifically, we have tried two Squid versions: with Squid 3.0 we are unable to login to the site (the browser loads an empty page) with Squid 2.7 (that supports "Connection Pinning") we are able to login into the site, move on the different sections BUT.. when we try to upload a file that is bigger than a couple of KiloBytes (i.e. 10KB) the browser loads an error page (i think it's a 401 unauthorized but i must verify it) we've tried changing a couple of Squid options (in 2.7), what we got is that when you try to upload the file you got an authentication box (just like the initial login) and it refuses to go on even if you enter the same authentication credentials. What's really strange is that when you try to upload a small file (i.e. a text or binary 1KB file) the upload succeeds. I initially thought that maybe there was something misconfigured on their Sharepoint site but I've tried also this site: www.xsolive.com (it's a sharepoint 2007 demo site) and I've experienced the same problem. Has any of you experienced such behaviour? Thanks! Of course we've suggested to the supplier to activate also Basic+SSL and we're waiting for their reply..

  Read the article

• Oracle with Kerberos authentication and Windows 2003 Server as KDC

  - by Supaplex

  I am running Oracle 10.2 on a Windows 2003 Server SP2 which is also the domain controller on the network. I wish to switch authentication method from NTS to Kerberos. I have spent a lot of time trying to configure Oracle with Kerberos authentication from the Oracle Advanced Security option from the Net Manager utility. I have disabled NTS so Kerberos is promoted as the preferred authentication method. But as soon as the configuration is saved from Net Manager and I restart the Oracle server service, Oracle will not start. I don't know what Oracle is complaining about, because I don't know where to look for the Oracle error log. My first question is: how can I figure out what's bugging Oracle? My second question: is there a good tutorial for setting up Oracle on a Windows 2003 with Kerberos Authentication, where the Windows 2003 Server is the KDC? Maybe there is a book I can get? I have read Oracles own guide, but it is mostly for Linux/Unix. Thanks a lot!

  Read the article

• Can't get SSH public key authentication to work

  - by Trey Parkman

  My server is running CentOS 5.3. I'm on a Mac running Leopard. I don't know which is responsible for this: I can log on to my server just fine via password authentication. I've gone through all of the steps for setting up PKA (as described at http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ssh-beyondshell.html), but when I use SSH, it refuses to even attempt publickey verification. Using the command ssh -vvv user@host (where -vvv cranks up verbosity to the maximum level) I get the following relevant output: debug2: key: /Users/me/.ssh/id_dsa (0x123456) debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug3: start over, passed a different list publickey,gssapi-with-mic,password debug3: preferred keyboard-interactive,password debug3: authmethod_lookup password debug3: remaining preferred: ,password debug3: authmethod_is_enabled password debug1: Next authentication method: password followed by a prompt for my password. If I try to force the issue with ssh -vvv -o PreferredAuthentications=publickey user@host I get debug2: key: /Users/me/.ssh/id_dsa (0x123456) debug1: Authentications that can continue: publickey,gssapi-with-mic,password debug3: start over, passed a different list publickey,gssapi-with-mic,password debug3: preferred publickey debug3: authmethod_lookup publickey debug3: No more authentication methods to try. So, even though the server says it accepts the publickey authentication method, and my SSH client insists on it, I'm rebutted. (Note the conspicuous absence of an "Offering public key:" line above.) Any suggestions?

  Read the article

• ISA 2006 SP1 - SSL Client Certificate Authentication in Workgroup Environment

  - by JoshODBrown

  We have an IIS6 website that was previously published using an ISA 2006 SP1 standard server publishing rule. In IIS we had required a client certificate be provided before the website could be accessed... this all worked fine and dandy. Now we wish to use a web publishing rule on ISA 2006 SP1 for this same website. However, it seems the client certificate doesn't get processed now, so of course the user can't access the website. I've read a few articles stating the CA for the certificate needs to be installed in the trusted root certificate authorities store on the ISA Server (i have done this), as well as installing the client certificate on the ISA Server (done as well). I have also verified that the ISA Server is able to access the CRL for our CA no problem... In the listener properties for the web publishing rule, under Authentication, and Client Authentication Method, there is an option for SSL Client Certificate Authentication... i select this, but it appears the only Authentication Validation Method selectable is Windows (Active Directory).... there is no Active Directory in this environment. When i configure the rule with the defaults, I then try to hit my website and it prompts for my certificate, i choose it and hit ok... then I'm given the following error Error Code: 500 Internal Server Error. The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. (12202) I check the event logs on the ISA Server and in Security Logs, i see Event ID 536, Failure Aud. The reason: The NetLogon component is not active. I think this is pretty obvious since there is no active directory available. Is there a way to make this web publishing rule work using client certificates in this workgroup environment? Any suggestions or links to helpful documents would be greatly appreciated!

  Read the article

• Nginx proxy with Redmine SVN authentication.

  - by Omegaice

  I am attempting to setup a system where I have an nginx server running as a reverse proxy for multiple websites that I want to run. To separate the websites I have created a Linux container which contains each site to allow me to reduce conflicts in database usage etc. I am currently trying to get my main site working and have nginx with passenger setup and connecting to redmine and I have an Apache install specifically setup for serving the SVN over HTTP and am attempting to use the redmine authentication with that. I have set everything up as described in the redmine howtos, but when I check a project out from the SVN it always works even if the project is private and whenever I try and commit to the repositories it fails saying "Could not open the requested SVN filesystem", the Apache error log related to that event is "(20014)Internal error: Can't open file '/srv/rcs/svn/error/format': No such file or directory". If I take out the redmine authentication I can checkout and check-in repositories fine but there is no authentication. Does anyone have any ideas? Edit I tried to solve this problem another way by attempting to have the authentication work by LDAP, I managed to get it so that my user could log into the redmine website but as soon as I tried to check anything out it said that access was forbidden to the repository.

  Read the article

• Docs for OpenSSH CA-based certificate based authentication

  - by Zoredache

  OpenSSH 5.4 added a new method for certificate authentication (changes). * Add support for certificate authentication of users and hosts using a new, minimal OpenSSH certificate format (not X.509). Certificates contain a public key, identity information and some validity constraints and are signed with a standard SSH public key using ssh-keygen(1). CA keys may be marked as trusted in authorized_keys or via a TrustedUserCAKeys option in sshd_config(5) (for user authentication), or in known_hosts (for host authentication). Documentation for certificate support may be found in ssh-keygen(1), sshd(8) and ssh(1) and a description of the protocol extensions in PROTOCOL.certkeys. Is there any guides or documentation beyond what is mentioned in the ssh-keygen man-page? The man page covers how to generate certificate and use them, but it doesn't really seem to provide much information about the certificate authority setup. For example, can I sign the keys with an intermediate CA, and have the server trust the parent CA? This comment about the new feature seems to mean that I could setup my servers to trust the CA, then setup a method to sign keys, and then users would not have to publish their individual keys on the server. This also seems to support key expiration, which is great since getting rid of old/invalid keys is more difficult then it should be. But I am hoping to find some more documentation about describe the total configuration CA, SSH server, and SSH client settings needed to make this work.

  Read the article

• Oracle with Kerberos authentication and Windows 2003 Server as KDC

  - by Supaplex

  Hello everyone. I am running Oracle 10.2 on a Windows 2003 Server SP2 which is also the domain controller on the network. I wish to switch authentication method from NTS to Kerberos. I have spent a lot of time trying to configure Oracle with Kerberos authentication from the Oracle Advanced Security option from the Net Manager utility. I have disabled NTS so Kerberos is promoted as the preferred authentication method. But as soon as the configuration is saved from Net Manager and I restart the Oracle server service, Oracle will not start. I don't know what Oracle is complaining about, because I don't know where to look for the Oracle error log. My first question is: how can I figure out what's bugging Oracle? My second question: is there a good tutorial for setting up Oracle on a Windows 2003 with Kerberos Authentication, where the Windows 2003 Server is the KDC? Maybe there is a book I can get? I have read Oracles own guide, but it is mostly for Linux/Unix. Thanks a lot!

  Read the article

• Password Authentication Fails - NTLMv2

  - by JMeterX

  Environment: Windows 2000 sp4 EDIT: Domain Controller with no trust setup with the Win2008 Server Windows XP machines Windows 2008 Server Netapp NAS Problem: We have a shared folder that resides on a NAS using a Windows 2008 AD for the authentication with the proper permissions setup. When the Windows 2000 machine tries to open the share residing on the Win2008 machine, it is prompted for a username and password. Upon entering the credentials it continuously re-asks for credentials. Important Details: The Windows 2000 machine can ping both the XP machines and the Windows 2008 Server The Windows 2008 machine is mandated to only use NTLMv2 The Windows 2000 machine was originally set to NTLM but was recently switched to NTLMv2 if negotiated for the purpose of trying to connect to the share. As I am sure it will come up, we are using Windows 2000 because of contractual obligations Questions: Why is password Authentication failing in this case? After setting a GPO for the Win2000 machine for it to use NTLMv2, do we need to reboot the machine for the changes to take affect? We used SECEDIT to update the GPOs without rebooting. UPDATE We checked both of the 2008 Domain Controllers to find an error code. We received: Microsoft_Auth_Package_V1_0 0xc000006a Event ID: 4776 I know this to be an authentication error via THIS article "The value provided as the current password is not correct" We know this password to be correct, but since these two domains (Win2000 & Win2008) do not have a trust setup what authentication account needs to be used? One that resides on the Win2000 hosted domain?

  Read the article

• How do I get public feed from facebook without user authentication on a native/Desktop app?

  - by KronoS

  I'm looking to get publicly available facebook feeds (i.e. Google's facebook page/posts). However instead of forcing the user to sign into their own facebook app, I want to be able to access these posts. I've looked into using "App Access Tokens" however since my application is a native/Desktop app (iOS, Android, WP8/Win 8) I'm not able to do this. Is there a way to get publicly accessible feeds from facebook without user authentication? I'm using the Facebook C# SDK to access facebook. Currently I'm doing the following: dynamic tokenInfo = fb.Get( String.Format( "/oauth/access_token?client_id={0}&client_secret={1}&grant_type=client_credentials", FbController.AppId, FbController.AppSecret)); var appAccessToken = (string) tokenInfo.access_token; fb = new FacebookClient(); dynamic response = fb.Get( String.Format( "/google/posts?access_token={0}", appAccessToken)); Problem is that this only works if my application is set to "web" instead of "native/Desktop". I get the following error when running this code and classified app as native/Desktop. (OAuthException - #15) (#15) Requires session when calling from a desktop app

  Read the article

< Previous Page | 29 30 31 32 33 34 35 36 37 38 39 40  | Next Page >